The ShinyHunters hacking group stole student data from the popular education platform Canvas last week. Parent company Instructure apologized for the hack and said Canvas "remains safe to use."
What's the latest?
Instructure said in a statement posted online that it "reached an agreement with the unauthorized actor involved in this incident." Instructure said "the data was returned to us" and "we received digital confirmation of data destruction (shred logs)." "No Instructure customers will be extorted as a result of this incident, publicly or otherwise," the company said. "This agreement covers all impacted Instructure customers, and there is no need for individual customers to attempt to engage with the unauthorized actor." Instructure first said it was probing a cybersecurity incident in regards to Canvas on May 1.
Hacking group ShinyHunters claimed responsibility for the breach in a May 3 post on its website. ShinyHunters said it seized roughly 6.65 terabytes of Canvas data in the hack.
ShinyHunters said it would release data tied to nearly 9,000 schools worldwide if the educational institutions did not pay a ransom by May 6. ShinyHunters then pushed back the deadline as it said negotiations were underway with some schools.
ShinyHunters is reportedly made of young adults and teenagers in the US and UK and has earlier been accused of carrying out a hack on online sales platform Ticketmaster.
Usernames, email addresses, course names, enrollment info and messages were some of the info compromised in the hack, Daly said.
Canvas serves as a hub for digital and course materials, a gradebook, and a platform for instructors and students to speak with one another.
The hack impacted some universities during the final exam period, with students unable to access review materials on the Canvas platform due to the hack. The University of Massachusetts at Dartmouth and the University of Illinois were among those institutions postponing exams because of the breach.
Edited by: Jenipher Camino Gonzalez Advertisement
